terraform-google-vpn fix: Add lifecycle to prevent changes when shared secret is updated

fix: Add lifecycle to prevent changes when shared secret is updated

Open ivayloivanov388 opened this issue 1 year ago • 2 comments

Add lifecycle to the VPN in order to prevent VPN replacement due to shared secrets being pulled by data resource from GCP Secrets Manager

<= data "google_secret_manager_secret_version" xxx" { + create_time = (known after apply) + destroy_time = (known after apply) + enabled = (known after apply) + id = (known after apply) + name = (known after apply) + secret_data = (sensitive value) + version = (known after apply) }

-/+ resource "google_compute_vpn_tunnel" "tunnels" { ~ creation_timestamp = "2022-05-03T00:23:06.875-07:00" -> (known after apply) ~ detailed_status = "Tunnel is up and running." -> (known after apply) ~ label_fingerprint = "gYs4vEHLW2w=" -> (known after apply) ~ local_traffic_selector = [ - "0.0.0.0/0", ] -> (known after apply) - peer_external_gateway_interface = 0 -> null ~ remote_traffic_selector = [ - "0.0.0.0/0", ] -> (known after apply) ~ shared_secret = (sensitive value) # forces replacement

Aug 21 '24 08:08 ivayloivanov388

@ivayloivanov388 thx for the PR. Can you plz fix lint test? Follow this doc

Aug 28 '24 21:08 imrannayer

This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

Oct 27 '24 23:10 github-actions[bot]

terraform-google-vpn terraform-google-vpn copied to clipboard

fix: Add lifecycle to prevent changes when shared secret is updated

terraform-google-vpn
terraform-google-vpn copied to clipboard